include/netlink/netfilter/exp.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

/*
 * netlink/netfilter/exp.h   Conntrack Expectation
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public
 *  License as published by the Free Software Foundation version 2.1
 *  of the License.
 *
 * Copyright (c) 2003-2008 Thomas Graf <tgraf@suug.ch>
 * Copyright (c) 2007 Philip Craig <philipc@snapgear.com>
 * Copyright (c) 2007 Secure Computing Corporation
 * Copyright (c) 2012 Rich Fought <rich.fought@watchguard.com>
 */

#ifndef NETLINK_EXP_H_
#define NETLINK_EXP_H_

#include <netlink/netlink.h>
#include <netlink/addr.h>
#include <netlink/cache.h>
#include <netlink/msg.h>

#include <linux/version.h>

#ifdef __cplusplus
extern "C" {
#endif

struct nfnl_exp;

enum nfnl_exp_tuples {
	NFNL_EXP_TUPLE_EXPECT,
	NFNL_EXP_TUPLE_MASTER,
	NFNL_EXP_TUPLE_MASK,
	NFNL_EXP_TUPLE_NAT,
	NFNL_EXP_TUPLE_MAX
};

extern struct nl_object_ops exp_obj_ops;

extern struct nfnl_exp * nfnl_exp_alloc(void);
extern int  nfnl_exp_alloc_cache(struct nl_sock *, struct nl_cache **);

extern int  nfnlmsg_exp_group(struct nlmsghdr *);
extern int  nfnlmsg_exp_parse(struct nlmsghdr *, struct nfnl_exp **);

extern void nfnl_exp_get(struct nfnl_exp *);
extern void nfnl_exp_put(struct nfnl_exp *);

extern int  nfnl_exp_dump_request(struct nl_sock *);

extern int  nfnl_exp_build_add_request(const struct nfnl_exp *, int,
						struct nl_msg **);
extern int  nfnl_exp_add(struct nl_sock *, const struct nfnl_exp *, int);

extern int  nfnl_exp_build_delete_request(const struct nfnl_exp *, int,
						struct nl_msg **);
extern int  nfnl_exp_del(struct nl_sock *, const struct nfnl_exp *, int);

extern int  nfnl_exp_build_query_request(const struct nfnl_exp *, int,
						struct nl_msg **);
extern int  nfnl_exp_query(struct nl_sock *, const struct nfnl_exp *, int);

extern void nfnl_exp_set_family(struct nfnl_exp *, uint8_t);
extern uint8_t  nfnl_exp_get_family(const struct nfnl_exp *);

extern void nfnl_exp_set_timeout(struct nfnl_exp *, uint32_t);
extern int  nfnl_exp_test_timeout(const struct nfnl_exp *);
extern uint32_t nfnl_exp_get_timeout(const struct nfnl_exp *);

extern void nfnl_exp_set_id(struct nfnl_exp *, uint32_t);
extern int  nfnl_exp_test_id(const struct nfnl_exp *);
extern uint32_t nfnl_exp_get_id(const struct nfnl_exp *);

extern int  nfnl_exp_set_helper_name(struct nfnl_exp *, void *);
extern int  nfnl_exp_test_helper_name(const struct nfnl_exp *);
extern const char * nfnl_exp_get_helper_name(const struct nfnl_exp *);

extern void nfnl_exp_set_zone(struct nfnl_exp *, uint16_t);
extern int  nfnl_exp_test_zone(const struct nfnl_exp *);
extern uint16_t nfnl_exp_get_zone(const struct nfnl_exp *);

extern void nfnl_exp_set_flags(struct nfnl_exp *, uint32_t);
extern int  nfnl_exp_test_flags(const struct nfnl_exp *);
extern void nfnl_exp_unset_flags(struct nfnl_exp *exp, uint32_t flags);
extern uint32_t nfnl_exp_get_flags(const struct nfnl_exp *);
extern char * nfnl_exp_flags2str(int flags, char *buf, size_t len);
int nfnl_exp_str2flags(const char *name);

extern void nfnl_exp_set_class(struct nfnl_exp *, uint32_t);
extern int  nfnl_exp_test_class(const struct nfnl_exp *);
extern uint32_t nfnl_exp_get_class(const struct nfnl_exp *);

extern int  nfnl_exp_set_fn(struct nfnl_exp *, void *);
extern int  nfnl_exp_test_fn(const struct nfnl_exp *);
extern const char * nfnl_exp_get_fn(const struct nfnl_exp *);

extern void nfnl_exp_set_nat_dir(struct nfnl_exp *, uint8_t);
extern int  nfnl_exp_test_nat_dir(const struct nfnl_exp *);
extern uint8_t nfnl_exp_get_nat_dir(const struct nfnl_exp *);

// The int argument specifies which nfnl_exp_dir (expect, master, mask or nat)
// Expectation objects only use orig, not reply

extern int  nfnl_exp_set_src(struct nfnl_exp *, int, struct nl_addr *);
extern int  nfnl_exp_test_src(const struct nfnl_exp *, int);
extern struct nl_addr * nfnl_exp_get_src(const struct nfnl_exp *, int);

extern int  nfnl_exp_set_dst(struct nfnl_exp *, int, struct nl_addr *);
extern int  nfnl_exp_test_dst(const struct nfnl_exp *, int);
extern struct nl_addr * nfnl_exp_get_dst(const struct nfnl_exp *, int);

extern void  nfnl_exp_set_l4protonum(struct nfnl_exp *, int, uint8_t);
extern int  nfnl_exp_test_l4protonum(const struct nfnl_exp *, int);
extern uint8_t nfnl_exp_get_l4protonum(const struct nfnl_exp *, int);

extern void nfnl_exp_set_ports(struct nfnl_exp *, int, uint16_t, uint16_t);
extern int nfnl_exp_test_ports(const struct nfnl_exp *, int);
extern uint16_t nfnl_exp_get_src_port(const struct nfnl_exp *, int);
extern uint16_t nfnl_exp_get_dst_port(const struct nfnl_exp *, int);

extern void nfnl_exp_set_icmp(struct nfnl_exp *, int, uint16_t, uint8_t, uint8_t);
extern int nfnl_exp_test_icmp(const struct nfnl_exp *, int);
extern uint16_t nfnl_exp_get_icmp_id(const struct nfnl_exp *, int);
extern uint8_t  nfnl_exp_get_icmp_type(const struct nfnl_exp *, int);
extern uint8_t  nfnl_exp_get_icmp_code(const struct nfnl_exp *, int);

#ifdef __cplusplus
}
#endif

#endif